Skip to content

Latest commit

 

History

History
1030 lines (984 loc) · 26.7 KB

File metadata and controls

1030 lines (984 loc) · 26.7 KB

Type: application Version: 0.8.2 Artifact Hub Slack

Victoria Metrics Auth - is a simple auth proxy and router for VictoriaMetrics.

Prerequisites

  • Install the follow packages: git, kubectl, helm, helm-docs. See this tutorial.

How to install

Access a Kubernetes cluster.

Setup chart repository (can be omitted for OCI repositories)

Add a chart helm repository with follow commands:

helm repo add vm https://victoriametrics.github.io/helm-charts/

helm repo update

List versions of vm/victoria-metrics-auth chart available to installation:

helm search repo vm/victoria-metrics-auth -l

Install victoria-metrics-auth chart

Export default values of victoria-metrics-auth chart to file values.yaml:

  • For HTTPS repository

    helm show values vm/victoria-metrics-auth > values.yaml
  • For OCI repository

    helm show values oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-auth > values.yaml

Change the values according to the need of the environment in values.yaml file.

Test the installation with command:

  • For HTTPS repository

    helm install vma vm/victoria-metrics-auth -f values.yaml -n NAMESPACE --debug --dry-run
  • For OCI repository

    helm install vma oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-auth -f values.yaml -n NAMESPACE --debug --dry-run

Install chart with command:

  • For HTTPS repository

    helm install vma vm/victoria-metrics-auth -f values.yaml -n NAMESPACE
  • For OCI repository

    helm install vma oci://ghcr.io/victoriametrics/helm-charts/victoria-metrics-auth -f values.yaml -n NAMESPACE

Get the pods lists by running this commands:

kubectl get pods -A | grep 'vma'

Get the application by running this command:

helm list -f vma -n NAMESPACE

See the history of versions of vma application with command.

helm history vma -n NAMESPACE

How to uninstall

Remove application with command.

helm uninstall vma -n NAMESPACE

Documentation of Helm Chart

Install helm-docs following the instructions on this tutorial.

Generate docs with helm-docs command.

cd charts/victoria-metrics-auth

helm-docs

The markdown generation is entirely go template driven. The tool parses metadata from charts and generates a number of sub-templates that can be referenced in a template file (by default README.md.gotmpl). If no template file is provided, the tool has a default internal template that will generate a reasonably formatted README.

Parameters

The following tables lists the configurable parameters of the chart and their default values.

Change the values according to the need of the environment in victoria-metrics-auth/values.yaml file.

Key Type Default Description
affinity object
{}

Affinity configurations

annotations object
{}

Annotations to be added to the deployment

config string
null

Config file content.

containerWorkingDir string
/

env list
[]

Additional environment variables (ex.: secret tokens, flags). Check here for details

envFrom list
[]

Specify alternative source for env variables

extraArgs object
envflag.enable: true
envflag.prefix: VM_
httpListenAddr: :8427
loggerFormat: json

Extra command line arguments for container of component

extraContainers list
[]

Extra containers to run in a pod with vmauth

extraHostPathMounts list
[]

Additional hostPath mounts

extraLabels object
{}

Labels to be added to the deployment

extraObjects list
[]

Add extra specs dynamically to this chart

extraVolumeMounts list
[]

Extra Volume Mounts for the container

extraVolumes list
[]

Extra Volumes for the pod

fullnameOverride string
""

Override resources fullname

global.cluster.dnsDomain string
cluster.local.

K8s cluster domain suffix, uses for building storage pods’ FQDN. Details are here

global.compatibility object
openshift:
    adaptSecurityContext: auto

Openshift security context compatibility configuration

global.image.registry string
""

Image registry, that can be shared across multiple helm charts

global.imagePullSecrets list
[]

Image pull secrets, that can be shared across multiple helm charts

image.pullPolicy string
IfNotPresent

Pull policy of Docker image

image.registry string
""

Image registry

image.repository string
victoriametrics/vmauth

Victoria Metrics Auth Docker repository and image name

image.tag string
""

Tag of Docker image

image.variant string
""

Variant of the image to use. e.g. enterprise, scratch

imagePullSecrets list
[]

Image pull secrets

ingress.annotations object
{}

Ingress annotations

ingress.enabled bool
false

Enable deployment of ingress for vmauth component

ingress.extraLabels object
{}

Ingress extra labels

ingress.hosts list
- name: vmauth.local
  path:
    - /
  port: http

Array of host objects

ingress.ingressClassName string
""

Ingress controller class name

ingress.pathType string
Prefix

Ingress path type

ingress.tls list
[]

Array of TLS objects

ingressInternal.annotations object
{}

Ingress annotations

ingressInternal.enabled bool
false

Enable deployment of internal ingress for vmauth component

ingressInternal.extraLabels object
{}

Ingress extra labels

ingressInternal.hosts list
- name: vmauth.local
  path:
    - /
  port: http

Array of host objects

ingressInternal.ingressClassName string
""

Ingress controller class name

ingressInternal.pathType string
Prefix

Ingress path type

ingressInternal.tls list
[]

Array of TLS objects

initContainers list
[]

Init containers for vmauth

license object
key: ""
secret:
    key: ""
    name: ""

Enterprise license key configuration for VictoriaMetrics enterprise. Required only for VictoriaMetrics enterprise. Check docs here, for more information, visit site. Request a trial license here Supported starting from VictoriaMetrics v1.94.0

license.key string
""

License key

license.secret object
key: ""
name: ""

Use existing secret with license key

license.secret.key string
""

Key in secret with license key

license.secret.name string
""

Existing secret name

nameOverride string
""

Override chart name

nodeSelector object
{}

NodeSelector configurations. Check here for details

podAnnotations object
{}

Annotations to be added to pod

podDisruptionBudget object
enabled: false
labels: {}

See kubectl explain poddisruptionbudget.spec for more. Official guide is here

podLabels object
{}

Labels to be added to pod

podSecurityContext object
enabled: true

Pod’s security context. Details are here

probe.liveness object
initialDelaySeconds: 5
periodSeconds: 15
tcpSocket: {}
timeoutSeconds: 5

Liveness probe

probe.readiness object
initialDelaySeconds: 5
periodSeconds: 15
tcpSocket: {}

Readiness probe

probe.startup object
{}

Startup probe

replicaCount int
1

Number of replicas of vmauth

resources object
{}

We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after resources:.

secretName string
""

Use existing secret if specified otherwise .config values will be used. Check here for details. Configuration in the given secret must be stored under auth.yml key.

securityContext object
enabled: true

Container security context. Check here for details.

service.annotations object
{}

Service annotations

service.clusterIP string
""

Service ClusterIP

service.enabled bool
true

Enable vmauth service

service.externalIPs list
[]

Service external IPs. Check here for details

service.externalTrafficPolicy string
""

Service external traffic policy. Check here for details

service.extraLabels object
{}

Service labels

service.healthCheckNodePort string
""

Health check node port for a service. Check here for details

service.ipFamilies list
[]

List of service IP families. Check here for details.

service.ipFamilyPolicy string
""

Service IP family policy. Check here for details.

service.loadBalancerIP string
""

Service load balancer IP

service.loadBalancerSourceRanges list
[]

Load balancer source range

service.servicePort int
8427

Service port

service.type string
ClusterIP

Service type

serviceAccount.annotations object
{}

Annotations to add to the service account

serviceAccount.create bool
true

Specifies whether a service account should be created

serviceAccount.name string
null

The name of the service account to use. If not set and create is true, a name is generated using the fullname template

serviceMonitor.annotations object
{}

Service Monitor annotations

serviceMonitor.basicAuth object
{}

Basic auth params for Service Monitor

serviceMonitor.enabled bool
false

Enable deployment of Service Monitor for server component. This is Prometheus operator object

serviceMonitor.extraLabels object
{}

Service Monitor labels

serviceMonitor.metricRelabelings list
[]

Service Monitor metricRelabelings

serviceMonitor.relabelings list
[]

Service Monitor relabelings

tolerations list
[]

Tolerations configurations. Check here for details